问题描述
2020-08-14 00:10:48,007 INFO RuleExecutor - Assembly resolution for :hsshh
2020-08-14 00:10:55,037 INFO RuleExecutor - Assembly resolution for : abscd
2020-08-14 00:10:56,042 INFO RuleExecutor - Assembly resolution for : ERROR VHAH
2020-08-14 00:10:57,042 INFO RuleExecutor - Assembly resolution for : ERROR Aaaa
2020-08-14 00:11:50,112 INFO chcvjhg - XXXXXXX
问题陈述:在两个时间戳2020-08-14 00:10:55和2020-08-14 00:11:50之间,我要获取具有诸如“ ERROR”之类的关键字的记录
我对PowerShell非常陌生,有人可以在这里帮助我吗?
预先感谢
解决方法
幸运的是,您的日志格式中的时间戳是可排序的,因此您可以使用常规比较运算符(例如-gt / -lt):
$start = '2020-08-14 00:10:55'
$end = '2020-08-14 00:11:50'
Get-Content Service.log |Where-Object {
($_ -gt $start) -and ($_ -lt $end) -and ($_ -like '*error*')
}